Fixed some bugs in systemusers and wordpress backends

2015-11-26 10:42:18 +00:00 · 2015-11-26 10:42:18 +00:00 · c1dcca4f79
parent d6f85f07df
commit c1dcca4f79
7 changed files with 17 additions and 11 deletions
--- a/orchestra/contrib/bills/actions.py
+++ b/orchestra/contrib/bills/actions.py
@ -120,7 +120,10 @@ send_bills.url_name = 'send'


 def download_bills(modeladmin, request, queryset):
-    if queryset.count() > 1:
+    for bill in queryset:
+        if not validate_contact(request, bill):
+            return False
+    if len(queryset) > 1:
        bytesio = io.BytesIO()
        archive = zipfile.ZipFile(bytesio, 'w')
        for bill in queryset:
@ -130,7 +133,7 @@ def download_bills(modeladmin, request, queryset):
        response = HttpResponse(bytesio.getvalue(), content_type='application/pdf')
        response['Content-Disposition'] = 'attachment; filename="orchestra-bills.zip"'
        return response
-    bill = queryset.get()
+    bill = queryset[0]
    pdf = bill.as_pdf()
    response = HttpResponse(pdf, content_type='application/pdf')
    response['Content-Disposition'] = 'attachment; filename="%s.pdf"' % bill.number
--- a/orchestra/contrib/domains/actions.py
+++ b/orchestra/contrib/domains/actions.py
@ -55,7 +55,7 @@ def edit_records(modeladmin, request, queryset):
        link = '<a href="%(url)s" title="%(title)s">%(name)s</a>' % context
        modeladmin_copy.verbose_name_plural = mark_safe(link)
        RecordFormSet = modelformset_factory(
-            modeladmin.model, form=RecordForm, formset=RecordEditFormSet, extra=1, can_delete=True)
+            Record, form=RecordForm, formset=RecordEditFormSet, extra=1, can_delete=True)
        formset = RecordFormSet(queryset=domain.records.all(), prefix=domain.id)
        formset.instance = domain
        formset.cls = RecordFormSet
--- a/orchestra/contrib/saas/backends/wordpressmu.py
+++ b/orchestra/contrib/saas/backends/wordpressmu.py
@ -157,7 +157,7 @@ class WordpressMuBackend(ServiceController):
                    mysql %(db_name)s --execute="
                        DELETE FROM m
                            USING wp_domain_mapping AS m, wp_blogs AS b
-                            WHERE m.blog_id = b.blog_id AND m.active AND %(IDENT)s';
+                            WHERE m.blog_id = b.blog_id AND m.active AND %(IDENT)s;
                        UPDATE wp_blogs
                            SET path='/'
                            WHERE blog_id = ${existing[0]};"
@ -165,7 +165,7 @@ class WordpressMuBackend(ServiceController):
                    mysql %(db_name)s --execute="
                        UPDATE wp_domain_mapping as m, wp_blogs as b
                            SET m.domain = '%(custom_domain)s', b.path = '%(custom_path)s'
-                            WHERE m.blog_id = b.blog_id AND m.active AND %(IDENT)s';"
+                            WHERE m.blog_id = b.blog_id AND m.active AND %(IDENT)s;"
                fi
            elif [[ "%(custom_domain)s" != "" ]]; then
                blog=( $(mysql -Nrs %(db_name)s --execute="
@ -175,7 +175,7 @@ class WordpressMuBackend(ServiceController):
                mysql %(db_name)s --execute="
                    UPDATE wp_domain_mapping
                        SET active = 0
-                        WHERE blog_id = ${blog[0]} AND active = 1;
+                        WHERE active AND blog_id = ${blog[0]};
                    INSERT INTO wp_domain_mapping
                        (blog_id, domain, active) VALUES (${blog[0]}, '%(custom_domain)s', 1);"
                if [[ "${blog[1]}" != "%(custom_path)s" ]]; then
--- a/orchestra/contrib/systemusers/backends.py
+++ b/orchestra/contrib/systemusers/backends.py
@ -139,17 +139,20 @@ class UNIXUserBackend(ServiceController):
                """) % context
            )
    
-    def revoke_permissions(self, context):
+    def revoke_permissions(self, user, context):
        revoke_perms = {
            'rw': '',
            'r': 'w',
            'w': 'r',
        }
-        context['perms'] = revoke_perms[user.set_perm_perms]
+        context.update({
+            'perms': revoke_perms[user.set_perm_perms],
+            'option': '-x' if user.set_perm_perms == 'rw' else '-m'
+        })
        self.append(textwrap.dedent("""\
            # Revoke permissions
            find '%(perm_to)s' %(exclude_acl)s \\
-                -exec setfacl -m u:%(user)s:%(perms)s {} \\;\
+                -exec setfacl %(option)s u:%(user)s:%(perms)s {} \\;\
            """) % context
        )
    
--- a/orchestra/contrib/systemusers/settings.py
+++ b/orchestra/contrib/systemusers/settings.py
@ -12,7 +12,6 @@ SYSTEMUSERS_SHELLS = Setting('SYSTEMUSERS_SHELLS',
        ('/dev/null', _("No shell, FTP only")),
        ('/bin/rssh', _("No shell, SFTP/RSYNC only")),
        ('/bin/bash', "/bin/bash"),
-        ('/bin/sh', "/bin/sh"),
    ),
    validators=[Setting.validate_choices]
 )
--- a/orchestra/contrib/websites/backends/apache.py
+++ b/orchestra/contrib/websites/backends/apache.py
@ -292,6 +292,7 @@ class Apache2Backend(ServiceController):
        
    def get_security(self, directives):
        rules = []
+        location = '/'
        for values in directives.get('sec-rule-remove', []):
            for rule in values.split():
                rules.append('SecRuleRemoveById %i' % int(rule))